Vulnerability Management Analyst

CETIN Bulgaria delivers high-quality telecommunications infrastructure services in Bulgaria, ensuring reliable connectivity with a commitment to excellence We provide an enjoyable customer journey and great performance by pushing sustainable technological development and anticipating customers' demands, based on our cutting-edge communications infrastructure, highly skilled team of more than 300 professionals, and our customer-driven strategy.

We work with highly skilled, highly motivated, world-class experts.

Join CETIN and be part of this team!

RESPONSIBILITIES:

As a Vulnerability Management Analyst, you will:

• Create vulnerability scan reports and related tickets to track remediation;
• Create asset discovery scan reports and related tickets to track investigations;
• Follow-up vulnerability remediation/investigations;
• Maintaining vulnerability management/scanning tools (manage updates, configuration) and handling issues;
• Run scan on demands in collaboration with System Owners;
• Monitor vulnerabilities identified by internal and external scanning;
• Perform vulnerability watch and process incoming vulnerability warnings, alerts and reports;
• Help with design, development and recommendation of security solutions to protect clients’ proprietary/confidential data and systems;
• Perform vulnerability assessment and policy compliance scanning on desktops/laptops, servers, network devices, web apps, etc.
• Review security events to evaluate the risk they present in the context of the environment they are in.
• Reporting priority security findings and information to relevant stakeholders.
• Identify and classify false positive findings in assessment results.
• Provide technical reports on assessment findings to facilitate remediation tasks for other operational teams.

Incident Response (secondary task):

• Collaborate with the Incident Response (IR) team to support detection, analysis, containment, eradication, and recovery efforts for security incidents.
• Participate in IR runbooks and playbooks; assist with evidence collection, preservation, and chain-of-custody as needed.
• Communicate incident status and impact to relevant stakeholders; assist in documenting lessons learned and contributing to post-incident reviews.
• Support post-incident remediation efforts, including validation of containment actions and restoration of affected services.
• Help identify root causes and contribute to improvements of detection and containment controls to reduce recurrence.

REQUIREMENTS:

• You have at least 2 years of experience working in Vulnerability Management;
• Completion of a Bachelor's degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience);
• You possess excellent English verbal and written communication skills;
• You have effective interpersonal skills, and have demonstrated your ability to lead, motivate, and participate as a team player;
• You have at least 1 year of Experience with Rapid7

OUR OFFER:

• Working opportunity in a collaborative team
• Positive workplace culture where you would receive all the support you need from your peers and managers in order to achieve your personal and team goals
• Internal and online training possibilities
• Annual bonus based on your personal performance
• Preferential prices for mobile devices and accessories
• Unlimited mobile services and mobile internet
• Flexible working hours
• Monthly food vouchers
• Transportation allowance
• Additional health insurance
• Up to 25 days annual paid leave

Only short-listed candidates will be contacted. All applications will be treated in strict confidentiality and in compliance with applicable law regarding personal data protection.